MD5 for TCP/BGP Sessions
Eduardo Ascenco Reis
eduardo at intron.com.br
Thu Mar 31 21:46:50 UTC 2005
Dear Fellows,
a simple configuration that can help to improve security on BGP tcp sessions
is to establish it using ip loopback address on both sides, even in
situations with only one link between routers. By doing that the ip address
used are hidden from traceroute tools discovery.
Also the ip address used can be no routeable outside both routers, which
will naturally block ip traffic against the BGP tcp session from any other
host.
Regards,
Eduardo Ascenço Reis.
More information about the NANOG
mailing list